Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/7IdOaQQJSMfocHXVg-kGhzyUqi8.roa
File: 7IdOaQQJSMfocHXVg-kGhzyUqi8.roa (raw, json)
Hash identifier: RqsZxyyELJhWxISK0bb+towmPRu29hMMqkIv52JNMYI=
Subject key identifier: EC:87:4E:69:04:09:48:C7:E8:70:75:D5:83:E9:06:87:3C:94:AA:2F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019569DE6F4A1C5649FDBB6A4A3D043AF618
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/7IdOaQQJSMfocHXVg-kGhzyUqi8.roa
Signing time: Thu 06 Mar 2025 05:12:19 +0000
ROA not before: Thu 06 Mar 2025 05:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.142.0/24 maxlen: 24
5.175.220.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.144.25.0/24 maxlen: 24
89.144.34.0/24 maxlen: 24
89.144.35.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:69:de:6f:4a:1c:56:49:fd:bb:6a:4a:3d:04:3a:f6:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 6 05:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec874e69040948c7e87075d583e906873c94aa2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:05:56:43:bb:cc:b7:2e:32:59:ca:d5:04:22:
5c:6b:7f:bc:31:90:01:74:51:ba:89:b9:36:d3:e7:
11:64:74:4a:7c:c9:8f:c8:04:93:d4:69:e6:33:ea:
fd:f1:21:8b:4a:07:ec:96:1d:04:3c:97:7b:52:d7:
12:e1:c2:7f:ae:fb:e4:16:97:4d:ea:f9:73:e0:f6:
bd:e6:59:61:d0:04:94:6a:05:9f:38:64:a6:98:0a:
ec:e7:e9:e0:38:83:c8:d4:70:4d:7e:4a:a8:3c:d7:
60:08:72:15:2a:06:b5:e8:59:16:01:dd:5c:7c:95:
dd:60:3a:5d:18:26:8e:f7:48:27:ff:87:39:27:c9:
ae:98:cd:74:cd:59:d6:26:dc:3e:cb:66:72:2b:a1:
f6:5d:3c:77:03:31:e9:b0:fd:ac:ba:fe:0a:37:3b:
7a:f8:13:cb:77:bf:b0:a6:f1:8d:39:94:db:31:8f:
a3:94:b9:7a:92:3d:71:42:08:24:e5:9c:29:5b:50:
cd:d9:8f:6d:d7:d2:05:6c:a5:c5:fa:d7:b0:6d:57:
87:e1:8d:21:4c:76:41:86:dc:bb:d5:f5:75:c4:7c:
5d:41:34:ca:e0:4d:12:ad:1e:9b:c5:6e:06:f3:96:
28:41:73:28:08:6c:13:28:0d:bb:92:a1:01:43:a1:
31:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:87:4E:69:04:09:48:C7:E8:70:75:D5:83:E9:06:87:3C:94:AA:2F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/7IdOaQQJSMfocHXVg-kGhzyUqi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.142.0/24
5.175.220.0/24
5.231.82.0/24
77.90.7.0/24
77.90.39.0/24
77.90.41.0/24
77.90.52.0/24
89.106.70.0/24
89.144.25.0/24
89.144.34.0/23
89.144.60.0/24
94.249.212.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:41:e7:d3:05:bf:49:1e:91:b4:7e:4c:c2:d3:b4:75:55:15:
b6:59:7d:71:34:61:38:7b:80:bf:c1:59:2a:a3:c1:dd:17:aa:
06:c9:ee:15:e6:ee:31:aa:b4:1e:65:3f:33:44:8d:6b:12:27:
b6:d8:ef:5b:a5:9a:c0:db:cd:a3:a9:db:81:f2:49:99:b0:27:
68:a5:9e:dd:1b:c9:e6:33:dc:e7:b7:63:86:52:ca:de:63:ce:
3e:23:1a:78:47:8c:73:ca:5c:9d:ec:2f:7a:98:09:70:3d:16:
ac:0d:ac:37:0a:6e:2e:d7:6e:ed:74:8a:82:53:60:5e:35:3f:
6c:24:69:aa:4f:58:6f:df:87:8b:97:17:4e:15:6f:db:59:32:
ac:58:6e:80:fc:75:16:02:1e:63:37:f2:eb:b4:51:92:d7:07:
1b:c4:ef:0f:89:20:d2:f9:36:a7:94:25:38:f5:7f:6b:5a:1c:
a3:4d:42:60:60:da:2e:d1:11:8c:3f:69:cc:95:c1:02:8a:78:
09:23:51:11:dd:6a:34:b9:6a:fb:52:46:78:0d:73:03:e5:b2:
3c:38:1c:e7:97:e2:2e:86:96:b1:b1:8b:6a:e5:2e:f5:2a:d9:
1f:ef:94:ba:e1:ed:fa:9f:38:e0:b6:21:60:0e:6b:57:4b:b5:
9d:c7:62:67
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZVp3m9KHFZJ/btqSj0EOvYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzA2MDUxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg3NGU2OTA0MDk0OGM3ZTg3MDc1ZDU4M2U5MDY4NzNjOTRhYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQVWQ7vMty4yWcrVBCJca3+8MZAB
dFG6ibk20+cRZHRKfMmPyAST1GnmM+r98SGLSgfslh0EPJd7UtcS4cJ/rvvkFpdN
6vlz4Pa95llh0ASUagWfOGSmmArs5+ngOIPI1HBNfkqoPNdgCHIVKga16FkWAd1c
fJXdYDpdGCaO90gn/4c5J8mumM10zVnWJtw+y2ZyK6H2XTx3AzHpsP2suv4KNzt6
+BPLd7+wpvGNOZTbMY+jlLl6kj1xQggk5ZwpW1DN2Y9t19IFbKXF+tewbVeH4Y0h
THZBhty71fV1xHxdQTTK4E0SrR6bxW4G85YoQXMoCGwTKA27kqEBQ6ExEQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFOyHTmkECUjH6HB11YPpBoc8lKovMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvN0lkT2FRUUpTTWZvY0hYVmcta0doenlVcWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABVOWAwQA
Ba+OAwQABa/cAwQABedSAwQATVoHAwQATVonAwQATVopAwQATVo0AwQAWWpGAwQA
WZAZAwQBWZAiAwQAWZA8AwQAXvnUMA0GCSqGSIb3DQEBCwUAA4IBAQBLQefTBb9J
HpG0fkzC07R1VRW2WX1xNGE4e4C/wVkqo8HdF6oGye4V5u4xqrQeZT8zRI1rEie2
2O9bpZrA282jqduB8kmZsCdopZ7dG8nmM9znt2OGUsreY84+Ixp4R4xzylyd7C96
mAlwPRasDaw3Cm4u127tdIqCU2BeNT9sJGmqT1hv34eLlxdOFW/bWTKsWG6A/HUW
Ah5jN/LrtFGS1wcbxO8PiSDS+TanlCU49X9rWhyjTUJgYNou0RGMP2nMlcECingJ
I1ER3Wo0uWr7UkZ4DXMD5bI8OBznl+IuhpaxsYtq5S71Ktkf75S64e36nzjgtiFg
DmtXS7Wdx2Jn
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:23:00 2025 by rpki-client